Skip Navigation

New Improved National Shred Law Emerges

Bookmark and Share

Yesterday, a bipartisan group of Senators from the Commerce Committee issued a press release, stating that they will introduce legislation in the coming days designed to prevent identity theft.

NAID has obtained a "staff working draft" of the new law that is currently making the rounds and we like what we see.

It is not often that one can actually trace government relations work directly back to specific language, but that is not so in this instance.

About a month ago, someone from Senator Nelson’s (D-FL) office read a NAID press release, stating that FACTA was a good start but had a lot of room for improvement. Within a week, the NAID GR team was meeting with his staff, at their invitation, to explain what we meant. The GR Committee learned that Senator Nelson was drafting I.D. theft prevention legislation which at that point did not require destruction.

Based on NAID’s input, Senator Nelson corrected that oversight. The problem was that with no Republican support, this bill was bound to go nowhere. NAID considered it a hollow triumph when we realized that the Nelson bill was D.O.A.

To make it worse, the I.D. theft prevention bill that was the leading contender for adoption was coming from the Commerce Committee and it had no destruction requirement.

In an unlikely, last-minute twist, Senator Nelson threw his support to the Commerce Committee bill but in doing so brought along the destruction requirement. The other primary sponsor of the bill is Senator Gordon Smith (R-Ore.). The bill is co-sponsored by Commerce Committee Chairman Senator Ted Stevens (R-Alaska), Co-Chairman Senator Daniel Inouye (D-HI), Senator John McCain (R-Ariz.), and Senator Mark Pryor (D-Ark.).

The law requires the protection (and destruction) of most personal information specifically by name, but, quite astutely, also leaves the door open for the FTC to address any other information that they determine could be used to commit I.D. theft.

As far as who would be covered by such a law, it states, "The bill covers any business, school, or other entity that collects sensitive personal information, including Social Security numbers, financial account information, driver’s license information, and other information that the Federal Trade Commission determines can be used for identity theft." The bill also covers any third party that purchases or otherwise acquires this information.

The bill would preempt any current state laws that cover the same issue but this actually could work to make it stronger. The FTC hesitates to make laws that undermine existing state law that is more stringent. Therefore, it may rise to the highest denominator.

The bill is so well supported and has been widely anticipated, it could make its way through the legislative process within the next few weeks. The FTC will then have one year to promulgate rules; a process identical to what we went through with FACTA.

All indications are that the FTC has been ready and waiting for the chance to create a strong rule that effectively curtails access to personal information.

Obviously, NAID will be bringing readers complete coverage of this issue including interpretive analysis. Related documents will be posted to the NAID website as soon as we have permission.